<?php
    // Verifica se tem permissao
    validaPermissao(1);

    //Pega os dados do funcionario
    if (isset($_GET['id']))
    {
        $admin_page = False;

        // Caso tente ver os dados de outro funcionario, verificar se tem a permissao
        if ($_GET['id'] != $_SESSION[site_id]['id'] && nivelAutenticado() < 3)
        {
            // Nao tem permissao para ver outro funcionario: sair
            forbidden();
        }
        else
        {
            // Possui permissao ou esta tentando ver a si mesmo
            $employee = query_fetch("SELECT * from employees WHERE id='{$_GET['id']}' LIMIT 1");

            /* Checks if user exists */
            if (!$employee)
                response_404();
        }
    }
    else
    {
        /* Checks if its admin */
        $admin_page = ($_SESSION[site_id]['id'] == 0);

        /* If not admin and did not specify which user to view: see yourself as employee */
        if (!$admin_page)
            $employee = query_fetch("SELECT * from employees WHERE id='{$_SESSION[site_id]['id']}' LIMIT 1");
    }


    /* gets user info if not admin */
    if (!$admin_page)
        $contato_employee = query_fetch("SELECT * FROM contacts WHERE id ='{$employee['contact_id']}'");
?>
